0

For customizing of ModSecurity configuration I have included to the modsecurity.conf following line:

Include /etc/modsecurity/*.conf

But without any conf file in the directory (usual case on my enviroment), a kong failing during startup

Error: could not prepare Kong prefix at /usr/local/kong: nginx configuration is invalid (exit code 1): nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: /usr/local/kong/modsecurity.conf. Line: 268. Column: 31. /etc/modsecurity/.conf: Not able to open file. Looking at: '/etc/modsecurity/.conf', '/etc/modsecurity/.conf', '/usr/local/kong//etc/modsecurity/.conf', '/usr/local/kong//etc/modsecurity/*.conf'. in /usr/local/kong/nginx-kong.conf:69 nginx: configuration file /usr/local/kong/nginx.conf test failed

IncludeOptional not supported by kong.

How I can solve the case with optional include?

Kong version 1.2.X

demon101
  • 544
  • 1
  • 11
  • 39
  • I do not know Kong, but I think this is not a Kong issue, rather than libmodsecurity3 - which version do you have? As I remember the earlier versions didn't support the meta characters, like `*`. – airween Apr 27 '21 at 05:26
  • @airween , I don't think * not supported. If any file present in the folder, everything works well, but fails on empty folder. – demon101 Apr 27 '21 at 08:45
  • Ah, I see - sorry. I did not realized you also wrote the empty directory issue. The absence of 'IncludeOptional' keyword is a big problem... You can put an empty file with name 'empty.conf' - this can be help. – airween Apr 27 '21 at 12:54
  • @airween , as a hotfix I have already put an empty file. it works. Thx for attention! – demon101 Apr 30 '21 at 07:58

0 Answers0